Location has higher precedence than Directory. It's merged after, not before.
On Tue, Sep 24, 2013 at 6:05 AM, King Holger (CI/AFP2) <holger.k...@de.bosch.com> wrote: > Dear Apache community, > > we just wonder why when using the following configuration: > > # allow using the "/" directory of this virtual host by all > <Location /> > Require all granted > </Location> > > Alias /fslogs /opt/wcms/fs4/log > <Directory /opt/wcms/fs4/log> > IndexIgnore .. fs4.pid fs-wrapper.log fs-gc.log > IndexOptions +FancyIndexing > Options +Indexes > > AuthType Basic > AuthName "Restricted access" > AuthBasicProvider file > AuthUserFile /tmp/passwd > Require valid-user > </Directory> > > the default handling of overwriting access directives in sub contexts does > not work properly (AuthMerging off). Might it be due to the two directives > "Location" and "Directory"? We expected that for "/opt/wcms/fs4/log" just > authenticated and valid users should have access. So, access should be > limited. Instead we see that everybody can browse the directory. > > Kind regards, > Holger King > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > -- Eric Covener cove...@gmail.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org